Postfix + Dovecot 邮件服务

本来以为搭建一个邮件服务器很简单,没想到折腾了我几天时间,网上很多文档都有些问题,真是害死人。话不多说,我们来看看如何在 CentOS 上搭建邮件服务器,包括启用 SASL 认证、开启 SSL 等等。

yum -y install postfix dovecot cyrus*

Postfix

# 基本配置
cd /etc/postfix/
mv main.cf main.cf.bak
postconf -n > main.cf        # 隐藏默认配置项

--- main.cf ---
myhostname = mail.zfl9.com      # mail主机名
mydomain = zfl9.com             # 域名
myorigin = $mydomain            # 邮件地址后缀
mydestination = $mydomain       # 邮件投递目标,一般mydomain即可 避免转发垃圾邮件
home_mailbox = Maildir/         # 设置本地邮件目录

# sasl认证
--- main.cf ---
smtpd_sasl_auth_enable = yes                # 开启sasl认证
smtpd_sasl_security_options = noanonymous   # 禁止匿名用户
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination

# 别名设置
## 默认不允许root使用邮箱账户,需要配置别名
--- /etc/aliases ---
root: admin     # 设置root别名为admin

postalias /etc/aliases      # 更新alias数据库

--- /etc/postfix/main.cf ---
alias_maps = hash:/etc/aliases      # 指定alias文件
alias_database = hash:/etc/aliases  # alias数据库

# ssl/tls配置
--- /etc/postfix/main.cf ---
smtpd_tls_security_level = encrypt      # 启用SSL加密认证
smtpd_tls_cert_file = /etc/pki/mail/server.crt
smtpd_tls_key_file = /etc/pki/mail/server.key
smtpd_tls_auth_only = yes               # 只允许TLS认证的客户端连接服务器

--- /etc/postfix/master.cf ---
smtps     inet  n       -       n       -       -       smtpd
  -o smtpd_tls_wrappermode=yes

Dovecot

cd /etc/dovecot/conf.d/
--- 10-auth.conf ---
disable_plaintext_auth = yes    # 禁止明文密码认证
--- 10-auth.conf ---

--- 10-mail.conf ---
mail_location = maildir:~/Maildir
--- 10-mail.conf ---

--- 10-ssl.conf ---
ssl = yes
ssl_cert = </etc/pki/mail/server.crt
ssl_key = </etc/pki/mail/server.key
--- 10-ssl.conf ---

启动服务

chkconfig postfix on
chkconfig dovecot on
chkconfig saslauthd on
service postfix start
service dovecot start
service saslauthd start

ss -lnp | egrep 'master|dovecot'
# 查看端口是否正常打开
smtp    25
pop3    110
imap    143
smtps   465
pops    995
imaps   993